The rise of quantum computing is reshaping the cyber threat landscape, necessitating the development of effective cybersecurity measures. Although post-quantum cryptography (PQC) algorithms recently approved by the US National Institute of Standards & Technology have seen global adoption, their current deployment is limited to specific setups. In particular, these algorithms are not well-suited for resource-constrained devices, such as vehicles and satellites, that make up many Internet-enabled edge deployments. Additionally, due to the lack of effective crypto-agility and their vulnerability to side channel attacks, these environments are not yet ready for quantum-safe transformation. This presents the potential for the EU to define and develop technologies for practical end-to-end (E2E) implementation of PQC across the Internet.
The project "Functional cOmposition of post quantum Cryptosystems At Large", or "FOCAL" for short, aims to create a unified framework that enables effective E2E functional composition of PQC in both provisioned and resource-constrained networks. Funded by the EU, the project consist of 15 consortium partners; the University of Luebeck is represented by the institutes ITI and ITS.
Within FOCAL, the ITS concentrates on Trusted Execution Environments (TEEs) which are used to secure services in shared edge-oriented architectures of embedded systems and in cloud environments. While first general solutions to post-quantum attestation protocols have been discussed in literature, FOCAL considers edge-oriented ecosystems that face their own specific obstacles, such as constrained computing resources or communication over high-latency networks. The ITS will hence focus on resolving these challenges by investigating lightweight TEEs amongst edge devices.
